Bug#5370: Tcpdump dumps core and is too verbose on SMB packets
Package: tcpdump
Version: 3.0.4-3
Machine:
PC running Linux 2.0.24.
Ethernet adapter SMC/Western Digital WD8013

We've got a Linux server running Samba and Win95 client machines. When I
run the latest version of tcpdump (without any parameter) on my computer
it is very very verbose about SMB packets and dumps core quickly.
The previously installed version, I _think_ it was 3.0.4-1, worked
correctly. I think that by default the new SMB support should be less
verbose.

15:14 [root:p2] sgip038:~# tcpdump > tcpdump.out
tcpdump: listening on eth0
zsh: segmentation fault (core dumped) tcpdump > tcpdump.out
15:15 [root:p2] sgip038:~#
The output looks like this:
15:15:04.440016 sgip034.sgip.fr.1025 > horus.sgip.fr.netbios-ssn: P 4914756:4914860(104) ack 2196925011 win 7851
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=100
WARNING: Short packet. Try increasing the snap length (44)
SMB PACKET: SMBtrans2 (REQUEST)
SMB Command = 0x32
Error class = 0x0
Error code = 0
Flags1 = 0x0
Flags2 = 0x1
Tree ID = 17
Proc ID = 0
UID = 13250
MID = 3436
Word Count = 78
TRANSACT2_OPEN param_length=0 data_length=4352
TotParam=3095
TotData=63496
MaxParam=3102
MaxData=4360
MaxSetup=0
Flags=0x3100
TimeOut=3486256
Res1=0x0
ParamCnt=0
ParamOff=0
DataCnt=4352
DataOff=0
SetupCnt=0
TransactionName=SMB2
Flags2=Data=
Data: (4352 bytes)
[000] FF 53 4D 42 32 00 00 00 00 00 01 00 00 00 00 00 .SMB2... ........
[010] 00 00 00 00 00 00 00 00 11 00 00 00 C2 33 6C 0D ........ .....3l.
[020] 4E 17 0C 08 F8 1E 0C 08 11 00 00 00 31 30 32 35 N....... ....1025
[........ more output deleted .........]
[10B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[10C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[10D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[10E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[10F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
(DF)
15:15:04.440016 sgip033.sgip.fr.1025 > horus.sgip.fr.netbios-ssn: P 3584976:3585021(45) ack 2222860524 win 7493
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=41
SMB PACKET: SMBclose (REQUEST)
SMB Command = 0x4
Error class = 0x0
Error code = 0
Flags1 = 0x0
Flags2 = 0x1
Tree ID = 17
Proc ID = 0
UID = 13250
MID = 3436
Word Count = 78
smbvwv[]=
Handle=3095
Time=Thu Jan 1 00:59:59 1970
Data: (150 bytes)
[000] 08 11 00 00 00 31 30 32 35 00 00 00 00 00 00 00 .....102 5.......
[010] 00 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 11 00 00 00 C2 33 6C 11 5E 17 0C 08 28 1F 0C ......3l .^...(..
[030] 08 21 00 00 00 38 1F 0C 08 C2 33 6C 17 C2 33 6C .!...8.. ..3l..3l
[040] 11 01 04 8B 00 EB 28 7E 84 D0 B3 36 00 00 00 00 ......(~ ...6....
[050] 00 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[060] 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .!...... ........
[070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[080] 00 AD 10 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[090] 00 00 00 00 00 00 ......
smb_bcc=0
(DF)
15:15:04.440016 horus.sgip.fr.netbios-ssn > sgip033.sgip.fr.1025: P 1:40(39) ack 45 win 31744
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=35
SMB PACKET: SMBclose (REPLY)
SMB Command = 0x4
Error class = 0x0
Error code = 0
Flags1 = 0x80
Flags2 = 0x1
Tree ID = 17
Proc ID = 0
UID = 13250
MID = 3436
Word Count = 78
smbvwv[]=
smb_vwv[0]=3095 (0xC17)
smb_vwv[1]=63496 (0xF808)
smb_vwv[2]=3102 (0xC1E)
smb_vwv[3]=4360 (0x1108)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=12544 (0x3100)
smb_vwv[6]=12848 (0x3230)
smb_vwv[7]=53 (0x35)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=4352 (0x1100)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=4352 (0x1100)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=49664 (0xC200)
smb_vwv[22]=27699 (0x6C33)
[..... more output deleted .....]
--
Farzad FARID
Administrateur Reseau
SGIP - Publicis
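
Added example, not part of the original report and not tcpdump's own code: the dump above prints Word Count = 78 for an SMBclose message whose NBT Length is 41, yet a 32-byte SMB header plus 78 two-byte parameter words cannot fit in 41 bytes. The C code below shows the length checks a decoder can apply before it prints any parameter words; `smb_check`, `demo` and the sample frame are constructed for illustration, and the 32-byte header size is the standard SMB layout rather than something stated in the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NBT_HDR 4    /* NBT session header: type, flags, 16-bit length */
#define SMB_HDR 32   /* fixed SMB header, magic through MID */

enum smb_rc { SMB_OK, SMB_TRUNCATED, SMB_BAD_MAGIC, SMB_BAD_LENGTH };

/* Validate the parameter block before any printer touches it.
 * buf/caplen: bytes actually captured after the TCP header. */
enum smb_rc smb_check(const uint8_t *buf, size_t caplen, unsigned *wct)
{
    if (caplen < NBT_HDR)
        return SMB_TRUNCATED;
    /* Declared message length: low flag bit plus 16-bit length field. */
    size_t declared = ((size_t)(buf[1] & 1) << 16) | ((size_t)buf[2] << 8) | buf[3];
    const uint8_t *smb = buf + NBT_HDR;
    size_t avail = caplen - NBT_HDR;
    if (avail > declared)
        avail = declared;               /* stay inside this message */
    if (avail < SMB_HDR + 1)            /* word count byte is not readable */
        return declared < SMB_HDR + 1 ? SMB_BAD_LENGTH : SMB_TRUNCATED;
    if (memcmp(smb, "\xffSMB", 4) != 0)
        return SMB_BAD_MAGIC;
    *wct = smb[SMB_HDR];
    size_t need = SMB_HDR + 1 + 2 * (size_t)*wct + 2;  /* header, wct, words, bcc */
    if (need > declared)
        return SMB_BAD_LENGTH;          /* words cannot fit the declared message */
    if (need > avail)
        return SMB_TRUNCATED;           /* snap length cut the words off */
    return SMB_OK;
}

/* Constructed sample: an NBT Length=41 SMBclose frame carrying the given
 * word count byte, seen through a capture that kept only caplen bytes. */
enum smb_rc demo(unsigned wct_byte, size_t caplen, unsigned *wct)
{
    uint8_t pkt[NBT_HDR + 41] = {0};
    if (caplen > sizeof pkt)
        caplen = sizeof pkt;
    pkt[3] = 41;                                /* NBT length */
    memcpy(pkt + NBT_HDR, "\xffSMB\x04", 5);    /* magic + SMBclose (0x04) */
    pkt[NBT_HDR + SMB_HDR] = (uint8_t)wct_byte;
    return smb_check(pkt, caplen, wct);
}
```

With a word count of 3 and the full 45 bytes captured the frame passes; a word count of 78 is rejected as inconsistent with Length=41, and a short capture is reported as truncated instead of being decoded.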